Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

According to security firm Proofpoint, email fraud attacks in the fourth quarter of 2017 were pervasive, with 88.8 percent of organizations targeted by at least one attack.

Proofpoint detailed the findings in its Email Fraud Threat Report, which it released on Feb. 12. As part of the report, Proofpoint analyzed more than 160 billion emails, delivered to 2,400 companies around the world.

On average, Proofpoint found that organizations were more impacted by email fraud attacks in 2017 than in 2016. In the fourth quarter of 2016, Proofpoint reported that 75 percent of organizations were impacted by email fraud; that figure grew to the 88.8 percent figure for the fourth quarter of 2017. More email identities were spoofed in the fourth quarter of 2017 as well, with 47 percent of organizations having more than five spoofed email identities. A spoofed email identity is one in which a fraudster spoofs what is a legitimate email address or user identity within an organization in an attempt to trick others.

Further reading

"The vast majority of information about spoofed identities comes from social media and internet searches and is easily discoverable," Robert Holmes, vice president of Email Security Products at Proofpoint, told eWEEK. "While we haven't done a systematic analysis of this, we did analyze the identities spoofed for a few companies and found that 78 percent of them were on LinkedIn."

Holmes said Proofpoint also saw that the majority of the spoofed identities had finance or accounting related job titles. He added that there are also databases of employees that are inexpensively available on the dark web.

"But, fraudsters don't stop there," Holmes said. "They also research the business partners and vendors of their targeted organizations."

DMARC

Email is easily spoofed and used by attackers for fraud when organizations don't properly protect their domain name and email servers. One of the best ways to help protect the integrity of email domains is with the Domain-Based Message Authentication (DMARC) policy and report protocol.

The U.S. government has mandated that its agencies move toward supporting DMARC. According to Proofpoint's analysis, 52 percent of U.S. government agencies now have DMARC support for their email domains.

"Fifty-two percent represents progress, but it should have been 100 percent," Holmes said. "In our view, the holdup was due to competing priorities and compliance violation."

Proofpoint has seen that many agencies are attempting to implement DMARC by themselves, which can present challenges if they lack the required expertise, Holmes said. Although DMARC can help protect against email fraud attacks by verifying that an email came from a given domain, it is not a complete solution for all forms of email attacks.

"DMARC alone should not be thought of as the silver bullet to stop email fraud as there are various techniques used by attackers in addition to domain spoofing, including lookalike domain spoofing," he said.

With a lookalike domain, attackers use a misspelled name or some other form of typo in an attempt to trick users. Proofpoint recommends a multilayered approach to solving the full email fraud challenge. The approach includes DMARC authentication, dynamic email analysis to block display name spoofing at the gateway, and lookalike domain discovery to search for domains that have recently been registered by third parties.

"We don't see any end in sight for the growth of email fraud given the low barrier to entry and the potentially high gains, which could be millions of dollars for a single successful campaign," he said. "The data from January alone suggests that email fraud will continue to grow considerably in 2018."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.